CVE-2014-5415
First published: Wed Oct 05 2016(Updated: )
Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Beckhoff Embedded PC images | ||
| Beckhoff TwinCAT Extended Automation Runtime |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-5415?
CVE-2014-5415 has a critical severity rating as it allows remote attackers to gain unauthorized access.
How do I fix CVE-2014-5415?
To fix CVE-2014-5415, update the Beckhoff Embedded PC images and TwinCAT components to versions released after October 22, 2014.
What are the attack vectors for CVE-2014-5415?
CVE-2014-5415 can be exploited through the Windows CE Remote Configuration Tool, CE Remote Display service, and TELNET service.
Who is affected by CVE-2014-5415?
CVE-2014-5415 affects users of Beckhoff Embedded PC images prior to 2014-10-22 and those using affected TwinCAT components.
What types of devices are impacted by CVE-2014-5415?
Devices impacted by CVE-2014-5415 include Beckhoff Embedded PCs and systems utilizing TwinCAT automation software.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/beckhoff
- canonical/beckhoff embedded pc images
- canonical/beckhoff twincat extended automation runtime